GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,168
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
832
Swift
35
Unreviewed advisories
All unreviewed
5,000+
95 advisories
Filter by severity
This issue was addressed with improved redaction of sensitive information. This issue is fixed in...
Moderate
Unreviewed
CVE-2024-44257
was published
Oct 29, 2024
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS...
Moderate
Unreviewed
CVE-2024-44216
was published
Oct 29, 2024
A logic issue was addressed with improved state management. This issue is fixed in iOS 18.1 and...
Moderate
Unreviewed
CVE-2024-44263
was published
Oct 28, 2024
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS...
Moderate
Unreviewed
CVE-2024-44175
was published
Oct 28, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15. An...
Moderate
Unreviewed
CVE-2024-44174
was published
Oct 28, 2024
An issue existed in the parsing of URLs. This issue was addressed with improved input validation....
Moderate
Unreviewed
CVE-2024-44213
was published
Oct 28, 2024
OvalEdge 5.2.8.0 and earlier is affected by a Sensitive Data Exposure vulnerability via a GET...
Moderate
Unreviewed
CVE-2022-30359
was published
Oct 25, 2024
OvalEdge 5.2.8.0 and earlier is affected by a Sensitive Data Exposure vulnerability via a GET...
Moderate
Unreviewed
CVE-2022-30361
was published
Oct 25, 2024
A vulnerability was found in PAM. The secret information is stored in memory, where the attacker...
Moderate
Unreviewed
CVE-2024-10041
was published
Oct 23, 2024
A vulnerability in the web-based management interface of Cisco ATA 190 Series Multiplatform...
Moderate
Unreviewed
CVE-2024-20462
was published
Oct 16, 2024
Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: User...
Moderate
Unreviewed
CVE-2024-21258
was published
Oct 15, 2024
In the goTenna Pro application, the encryption keys are stored along with a static IV on the...
Moderate
Unreviewed
CVE-2024-47122
was published
Sep 26, 2024
In the goTenna Pro ATAK Plugin application, the encryption keys are
stored along with a static...
Moderate
Unreviewed
CVE-2024-43694
was published
Sep 26, 2024
In the goTenna Pro ATAK Plugin application, the encryption keys are
stored along with a static...
Moderate
Unreviewed
CVE-2024-45374
was published
Sep 26, 2024
An issue was discovered in wolfSSL before 5.7.0. A safe-error attack via Rowhammer, namely FAULT...
Moderate
Unreviewed
CVE-2024-5288
was published
Aug 27, 2024
An issue in Huizhi enterprise resource management system v.1.0 and before allows a local attacker...
Moderate
Unreviewed
CVE-2024-42677
was published
Aug 15, 2024
A lock screen issue was addressed with improved state management. This issue is fixed in watchOS...
Moderate
Unreviewed
CVE-2024-40813
was published
Jul 30, 2024
A vulnerability in Zowe CLI allows local, privileged actors to display securely stored properties...
Moderate
Unreviewed
CVE-2024-6916
was published
Jul 19, 2024
Secret file credentials stored unencrypted in rare cases by Plain Credentials Plugin
Moderate
CVE-2024-39459
was published
for
org.jenkins-ci.plugins:plain-credentials
(Maven)
Jun 26, 2024
A vulnerability in the web interface in Brocade Fabric OS before v9.2.1, v9.2.0b, and v9.1.1d...
Moderate
Unreviewed
CVE-2024-29953
was published
Jun 26, 2024
When browsing private tabs, some data related to location history or webpage thumbnails could be...
Moderate
Unreviewed
CVE-2024-38312
was published
Jun 13, 2024
Elasticsearch Remote Cluster Search Cross Cluster API Key insufficient restrictions
Moderate
CVE-2024-23445
was published
for
org.elasticsearch:elasticsearch
(Maven)
Jun 12, 2024
scikit-learn sensitive data leakage vulnerability
Moderate
CVE-2024-5206
was published
for
scikit-learn
(pip)
Jun 6, 2024
Insecure Storage of Sensitive Information vulnerability in WPMU DEV Defender Security allows :...
Moderate
Unreviewed
CVE-2022-44581
was published
May 17, 2024
SAP Business Objects Business Intelligence Platform is vulnerable to Insecure Storage as dynamic...
Moderate
Unreviewed
CVE-2024-33004
was published
May 14, 2024
ProTip!
Advisories are also available from the
GraphQL API